Showing posts with label Security Scams. Show all posts

Wednesday, January 22, 2014

Did you get an email from Target?

Are you one of the roughly 70 million people who got an email from Target last week about the store's mega security breach? If so, be careful.

Target did indeed do a blast to customers to offer one year of free credit monitoring. The problem is scammers are also on the prowl and are sending out similar emails.

Target even says it has identified and stopped at least 12 scams preying on consumers via email, Facebook and other outlets.

The Target emails went to customers whose personal information was in the Target database. Cyber thieves penetrated the records during the holiday shopping season breach discovered last month and stole info like names, phone numbers and email addresses. The full extent of the hacking is still under investigation.

In the meantime, here's what to do if you see an email from Target pop up in your inbox.

If you've already opened the email: Target has posted a copy of the email it sent out online. So go here to make sure the email you opened, the address it came from, and the link you clicked all match up.

If it doesn't match, and especially if you clicked a link to an external website and entered personal information, you need to take action quickly.

First, get a copy of your credit report, check your bank and credit card activity on a daily basis and call the credit reporting agencies to tell them what happened. You can ask to have a fraud alert placed on your account, meaning it will be flagged to lenders if someone attempts to open credit in your name.

If you're really worried, you can request a credit freeze, which prohibits any credit from being extended under your name. But that's a big step because you will have to go through the process of undoing this whenever you need credit again.

If you entered a credit card or debit card number, reach out to those institutions to warn them of potential fraud as well.

If you haven't opened the email: To avoid any chance of a virus or of falling prey to a potential scam, it is recommended to go directly to Target's website to view the letter you believe has landed in your inbox -- since even opening a fraudulent email could lead to malware being installed on your computer. And if you do open the email, don't click on any links.

All other correspondence from Target can be found here. The retailer emphasizes that it will never email a consumer and ask for personal information like a Social Security number or credit card information.

But it's not just emails claiming to be from Target that customers need to worry about.

If your personal information was compromised in the breach, that means scammers could contact you pretending to be anyone -- like another retailer.

Friday, December 13, 2013

PhishMe: Popular holiday-themed phishing attacks

Most common Holiday-Themed Phishing Attacks

The holidays are a busy time for everyone… especially for hackers trying to phish your employees. Phishing is most effective when it exploits human emotions—fear, greed, anxiousness, curiosity, compassion, getting a good deal—and the holidays tend to bring these emotions out more than other times of the year. This gives adversaries a bevy of relevant topics to use to build phishing campaigns. However, which tactics should you train your employees to look out for?

Below, PhishMe has pulled together a list of the most common holiday-themed phishing attacks:

Holiday e-card: Who doesn’t love to receive a nice holiday greeting? But is that link to an e-card actually from your co-worker, manager, HR department, etc. or is it something sinister? Emails that appear to be holiday e-cards are a simple and effective phishing tactic every holiday season.

Holiday party info/registration: The company holiday party is always a much anticipated event, and The Wall Street Journal estimates 9 out of 10 companies will throw some kind of holiday party this year. That means lots of organizations will send out email invitations, so spoofed invitations present another great holiday-themed opportunity for attackers crafting phishing emails.

Travel notifications: AAA estimated that 93.3 million people traveled more than 50 miles from home during the end of December last year, and that means airlines will be sending out plenty of flight change/confirmation emails. We have seen some pretty realistic phishing emails that spoof the types of emails airlines commonly send to passengers, and an email warning of major itinerary changes will certainly grab the attention of an employee eager to get home for the holidays.

To view the full post and the rest of the holiday phishing scams, please click here.

Wednesday, November 6, 2013

Take Time To Understand Free Tools Before You Use Them

Free tools and technologies can deliver real value, yet they can also present risks!

URL shortening services, for example, are fantastic, especially for those of us who love to share our knowledge and findings inside social networks. Yet they can very easily, and often do, hide a nefarious attack.

Another Free Tool to Use with Caution

Be sure to check the security of shortened URLs before clicking them. One service you may consider is urlxray.com.

Tuesday, September 17, 2013

Scam Of The Week: Ransomware Uses Child Porn Threat

Cybercriminals have cooked up a new way to blackmail people!

Getting caught viewing child porn is a huge deal and instantly makes you an outcast in most western countries. Cybercriminals have cooked up a new way to blackmail people out of their money, both inside and outside the office.

The ransomware family is called Revoyem (aka Dirty Decrypt) and uses the worst possible strategy to get people to pay up. It starts at a porn site that you have landed on, either on purpose or by accident. Then you are redirected by a malicious ad to an actual child porn themed page with very disturbing images. But while you are there, your PC gets infected with the Styx malware dropper which downloads ransomware and your computer gets locked.

The lock screen again shows disturbing images and now accuses you of watching child porn and what the penalties are. However, here comes your friendly ransomware to the rescue. Just pay the fine and you will not be prosecuted. They tell you to use either MoneyPak or PaysafeCard.

The attack is seen in the U.S., Canada and several Western European countries, is translated for each territory and uses the correct government law enforcement agency as a threat. This looks very much like an Eastern European Cybermafia operation.

WHAT TO DO: In an office environment, call the helpdesk and they will treat this as malware and remove it. At the house, call the police and file a complaint. It is likely the Police already know about it. 

Also take the PC to an expert and get the malware removed. And stay away from unsafe areas on the Internet like gambling and porn sites! Here is how the lock screen looks:


Monday, August 12, 2013

Scam Of The Week: "Held For Ransom"

Your Computer Has Been Locked


I would like to alert your users that a particularly effective scam is growing by leaps and bounds recently. It's not new, but it's bursting into mainline cybercrime these last few weeks. The scam takes over the full screen of the PC, stating that the FBI has locked that PC until a fine is paid. The PC may look locked down, but it was a cyber criminal who did that, not the Feds.

What to do: Do NOT PAY

This is malware on the PC. Treat it like malware and clean that system. The bad guys have found this is a scam that works really well for them. Scared PC users are often willing to pay hundreds of dollars to avoid getting in hot water with the FBI.

More than $5 million per year is extorted from victims. If it's a PC in the office, call IT. If it's a PC at the house, here is a video from security company Symantec on how to remove this for free: http://www.youtube.com/watch?v=_dKBXeoLIFo.

Friday, July 26, 2013

Beware of Gumtree Scam: Scammer Targeted More Than 300 People on the Gumtree

Reports have emerged of a series of similar scams on Gumtree affecting people across Australia.

A male scam artist searches the wanted advertisements on the site and then contacts the poster to say he has the item they are seeking.

The man then asks where the buyer lives and states he also lives nearby, but is working interstate so is unable to drop the goods off in person. Once the money is transferred to his account he ceases contact.

The scams have involved the attempted purchase of goods including mobile phones, iPads, electronic tablets and gift cards from stores including Coles, Myer and JB Hifi.

Reports of online scams can be made to the Australian Competition and Consumer Commission via www.scamwatch.gov.au or your specific country scamwatch website.

Saturday, July 20, 2013

Cyber Threats: Trends in Phishing and Spear Phishing

Phishing is a global problem for businesses as well as individuals, targeting 37.3 billion people globally in the past year

Most of us have wised up to basic scams and know better than to accept a Nigerian prince's offer of money, or a miraculous win on a Spanish lottery that you can't quite remember entering. But cyber criminals are raising their game and have evolved their tactics to target the more cyber-aware for greater returns.

Sophisticated 'spear phishing' attacks can be hard to spot by the experts; even the largest of organisations is not immune. What chance does this provide the average company or employee, let alone those who use computers infrequently?

Spear phishing is not random – cyber criminals identify employees within a target organisation and use social engineering tactics to construct a legitimate-looking email. The FBI has warned businesses to be more aware of spear phishing tactics, as hackers target employees with administrative rights or access to critical systems.

91% of APTs (advanced persistent threats) start with phishing attacks and success could give cyber criminals the 'keys' to bypass security and initiate further attacks. Clicking a link doesn't mean that you are immediately compromised; phishing is part of a larger attack.

Hackers need to expose a system vulnerability and be able to install software quickly and quietly. However, cyber criminals use advanced tactics to disguise malicious attachments and sites to trick users into further action.

This infographic by Via Resource highlights trends and targets in phishing attacks.



Wednesday, June 19, 2013

SCAM Alert: Puppy Scams & Business Executive Scams

NEVER send money or give credit card or online account details to anyone you do not know and trust.

Almost everyone will be approached by a scammer at some stage. Some scams are very easy to spot while other scams may appear to be genuine offers or bargains. Scams can even take place without you doing anything at all.

Two prominent scams that have been identified and need awareness are:

(1) The “Puppy Scam” which is aimed at the dog lover, has been around for many years and appears to be rising again.

(2) The “Business Executive Scam” looks to victimize businesses in both Canada and the United States of America.

The Puppy Scam

Method of Solicitation: Purebred dogs are offered at lower than normal prices. Straightforward ads are placed on free online sales sites like Gumtree, Craigslist and community web pages. The use of standard newspaper ads has also been identified.

A twist to the scam also sees the seller leaving the country to do a ‘Christian Mission’ in another country. They must sell their dog because of their commitment to this mission, where they will be helping people less fortunate. Although mobile phones have been used, the communication is mainly done through an email address.

Victim Remittances: The use of money service businesses (MSB) is the primary method the fraudster uses to collect victim funds. Once the price is confirmed and the original payment is made the victim can expect many more communications from the fraudsters because the victim has to pay the “certified Transportation Company”, the “out of country tax”, the “Anti-terrorist fee” or the “verification of vaccination fee” just to name a few.

Additional emails will follow until the complainant finally realizes they are a victim and will never get a dog. Most of the destinations of the MSB transfers are West African nations including Nigeria, Ghana and Cameroon.

Refer here and here for more information.

The Business Executive Scam

Fraudsters are researching companies online via company websites. To make this scam work, the fraudsters need to identify a company executive (i.e. CEO, president, manager, owner) as well as an email address for the accounting department. Once these are identified, the fraudster creates an email address using the free email services of Yahoo, MSN or Google. The email address will be, for instance, “the executive's name@Yahoo.com”.

A message will be emailed to the accounting department advising that the executive is working at home or off-site and the executive has identified an outstanding payment that needs to be made ASAP.

The Executive instructs that a payment be made, generally in the amount of 25,000 to 80,000 dollars to an identified person and bank account.

Bank accounts associated to this fraud have been identified across North America thanks to the efforts of the complainants and the banks. Currently the victimization rate is very low but it has the potential for high dollar loss. Identified bank accounts require prompt action.

Refer here to learn more types of Business Executive Scams.

Thursday, March 21, 2013

Beware of "Facebook Black"

"Facebook Black" malware spreading fast on Facebook

A new virus is hitting Facebook users with a fake Facebook Black template, which would allow users to use a black template instead of the known white template.

The malware is spreading like crazy on Facebook, as it asks users to click on a link that will install an application. This Black Facebook scam exploits the trust of Facebook users and then forwards the malware to their network and friends.

So please be warned: do not click on the Facebook Black template.


Revoke access

This malware uses a Facebook API to gain information. If you wish to revoke the access of the Facebook Black template virus, do the following:

  • Navigate to the following url: http://www.facebook.com/settings?tab=applications
  • Search for the Facebook Black malware and delete it.

Wednesday, March 6, 2013

Sex Tape Scam Featuring Rihanna and ‘His’ Boyfriend Hits Facebook

Popular celebrities used by cyber-criminals for hoaxes and fraud

BEWARE! Facebook users are being hit by yet another alleged sex tape featuring Rihanna, one of the most popular celebrities used by cyber-criminals for hoaxes and fraud on the social network.

This time, the scam alleges the American singer was caught with ‘his boyfriend’ [sic] during sexy times.

Check out how the #scam works and how to protect your Facebook account here: http://bit.ly/Rihanna_Sex_Tape_Scam


Thursday, January 3, 2013

How to Catch a Phish?

Helpful hint on spotting a phishing-scam email before it's too late!

You can detect a fake email very quickly simply by focusing on the "From" field in your email header.

Most malicious e-mails say they are from a legitimate company, but the address in the "From" field does not match that in the signature. If you are unsure of the sender's legitimacy, you can also use free tools on the Internet to verify any email address quickly.

Be aware, however, that some of these phishing artists are very adept at masking their identities.
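The "From"-field check described in this post, together with the free-webmail sender pattern from the Business Executive Scam post earlier on this page, can be expressed as a small header check. This is an added example, not code from the blog or any vendor; the company domain, executive name, free-mail list and sample messages are constructed assumptions.

```python
"""Sender checks for two patterns described on this page (added example)."""
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions for the example: your own domain and executive names (hypothetical).
COMPANY_DOMAIN = "example.com"
EXECUTIVES = {"jane roe"}
FREE_MAIL = {"yahoo.com", "msn.com", "hotmail.com", "gmail.com", "outlook.com"}

# Domain part of an e-mail address or an http(s) URL found in body text.
DOMAIN_IN_TEXT = re.compile(
    r"(?:[\w.+-]+@|https?://)([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)


def base_domain(host):
    """Last two labels of a host name. Simplification: no public-suffix list,
    so names under suffixes such as co.uk are not handled correctly."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def address_domain(header_value):
    """Return (normalised display name, base domain) for a From/Reply-To value."""
    name, addr = parseaddr(header_value or "")
    domain = addr.rpartition("@")[2]
    return " ".join(name.lower().split()), (base_domain(domain) if domain else "")


def signature_domains(msg, lines=6):
    """Domains mentioned in the last few non-empty lines of the plain-text body."""
    text = ""
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            text += raw.decode(part.get_content_charset() or "utf-8", "replace")
    tail = [ln for ln in text.splitlines() if ln.strip()][-lines:]
    return {base_domain(d) for d in DOMAIN_IN_TEXT.findall("\n".join(tail))}


def check_message(raw):
    """Return a list of finding codes for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []
    name, from_dom = address_domain(msg["From"])
    # Executive's name in the display name, but the address is not ours.
    if name in EXECUTIVES and from_dom != COMPANY_DOMAIN:
        findings.append("executive-name-on-freemail" if from_dom in FREE_MAIL
                        else "executive-name-on-external-domain")
    # Replies would go somewhere other than the apparent sender.
    _, reply_dom = address_domain(msg["Reply-To"])
    if reply_dom and reply_dom != from_dom:
        findings.append("reply-to-differs-from-sender")
    # The signature names a different organisation domain than the From field.
    sig = signature_domains(msg)
    if sig and from_dom not in sig:
        findings.append("signature-domain-mismatch")
    return findings


# Constructed sample messages (not real mail).
LEGIT = (
    "From: Jane Roe <jane.roe@example.com>\n"
    "To: accounting@example.com\n"
    "Subject: Q3 invoice\n"
    "\n"
    "Please see the attached invoice.\n"
    "--\n"
    "Jane Roe, CEO\n"
    "jane.roe@example.com\n"
)
EXEC_SCAM = (
    "From: Jane Roe <jane.roe.office@yahoo.com>\n"
    "To: accounting@example.com\n"
    "Subject: Outstanding payment\n"
    "\n"
    "I am working off-site today. An outstanding payment needs to go out ASAP.\n"
    "Jane\n"
)
BRAND_PHISH = (
    "From: Acme Bank <alerts@acme-alerts.test>\n"
    "Reply-To: collect@mailbox.test\n"
    "Subject: Your account\n"
    "\n"
    "Please confirm your details.\n"
    "Acme Bank Customer Care\n"
    "support@acmebank.test\n"
    "http://www.acmebank.test\n"
)

if __name__ == "__main__":
    for label, raw in (("legit", LEGIT), ("exec", EXEC_SCAM), ("brand", BRAND_PHISH)):
        print(label, check_message(raw))
```

An empty result only means none of these three checks fired; as the post notes, some senders are adept at masking their identities.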

Sunday, November 18, 2012

Beware of 12 SCAMS during Christmas

Study investigated behaviours of Americans but it's still relevant to Australians

A Harris Interactive study, conducted online among over 2,300 U.S. adults, investigates the online habits and behaviors of Americans, including those who indicate that they will engage with the Internet and mobile devices while shopping this holiday season.

While Americans have become accustomed to shopping online, and will do so in droves, they are also using their mobile phones for more of their everyday activities.

As 70% of those surveyed plan to shop online this holiday season, a surprising 1 in 4 (24%) of them plan to use their mobile devices, and while aware of the risks, they are willing to give away their personal information if they can get something they value in return.

In fact, despite the fact that 87% of smartphone or tablet owners surveyed are at least somewhat concerned that their personal information could be stolen while using an app on a smartphone or tablet, nearly nine in ten of them are willing to provide some level of personal information in order to receive an offer that is of value to them.

Among those Americans planning on using smartphones and/or tablets to purchase gifts this holiday season, over half (54%) are specifically planning to use apps for shopping and/or banking during the holiday season; as such, mobile devices have proven irresistible to cybercriminals, and now they are targeting mobile users through malicious applications.

With roughly three in ten (28%) American smartphone and/or tablet owners admitting they do not pay attention at all to app permissions and 36% paying attention but specifying they do not always do so, Cyber-Scrooge criminals are ready to pounce.

‘Tis the season for consumers to spend more time online - shopping for gifts. 88% of those Americans who plan on shopping online during the 2012 holiday season plan on using a personal computer to do so, and 34% will use a tablet (21%) and/or smartphone (19%).

But with nearly half (48%) of Americans planning to shop online on Cyber Monday for sales (45% using a computer, 10% using a mobile device), here are the “12 Scams of Christmas,” the dozen most dangerous online scams to watch out for this holiday season, revealed by McAfee.

1. Social media scams - Cybercriminals know social media networks are a good place to catch you off guard because we’re all “friends,” right? Scammers use channels, like Facebook and Twitter, just like email and websites to scam consumers during the holidays.

Be careful when clicking or liking posts, taking advantage of raffle contests and fan page deals from your “friends” that advertise the hottest holiday gifts, and installing apps to receive discounts, and watch for friends’ accounts that have been hacked and are sending out fake alerts. Twitter ads and special discounts utilize blind, shortened links, many of which could easily be malicious.

2. Malicious mobile apps - As smartphone users we are app crazy, downloading over 25 billion apps for Android devices alone! But as the popularity of applications has grown, so have the chances that you could download a malicious application designed to steal your information or even send out premium-rate text messages without your knowledge.

3. Travel scams - Before you book your flight or hotel to head home to see your loved ones for the holidays, keep in mind that the scammers are looking to hook you with too-good-to-be-true deals. Phony travel webpages, sometimes using your preferred company, with beautiful pictures and rock-bottom prices are used to get you to hand over your financial details.

4. Holiday spam/phishing - Soon many of these spam emails will take on holiday themes. Cheap Rolex watches and pharmaceuticals may be advertised as the “perfect gift” for that special someone.

5. iPhone 5, iPad Mini and other hot holiday gift scams - The kind of excitement and buzz surrounding Apple’s new iPhone 5 or iPad Mini is just what cybercrooks dream of when they plot their scams. They will mention must-have holiday gifts in dangerous links, phony contests (example: “Free iPad”) and phishing emails as a way to grab computer users’ attention to get you to reveal personal information or click on a dangerous link that could download malware onto your machine.

6. Skype message scare - People around the world will use Skype to connect with loved ones this holiday season, but they should be aware of a new Skype message scam that attempts to infect their machine, and even hold their files for ransom.

7. Bogus gift cards - Cybercriminals can't help but want to get in on the action by offering bogus gift cards online. Be wary of buying gift cards from third parties; just imagine how embarrassing it would be to find out that the gift card you gave your mother-in-law was fraudulent!

8. Holiday SMiShing - “SMiShing” is phishing via text message. Just like with email phishing, the scammer tries to lure you into revealing information or performing an action you normally wouldn’t do by pretending to be a legitimate organization.

9. Phony e-tailers - Phony e-commerce sites, that appear real, try to lure you into typing in your credit card number and other personal details, often by promoting great deals. But, after obtaining your money and information, you never receive the merchandise, and your personal information is put at risk.

10. Fake charities - This is one of the biggest scams of every holiday season. As we open up our hearts and wallets, the bad guys hope to get in on the giving by sending spam emails advertising fake charities. 

11. Dangerous e-cards - E-Cards are a popular way to send a quick “thank you” or holiday greeting, but some are malicious and may contain spyware or viruses that download onto your computer once you click on the link to view the greeting.

12. Phony classifieds - Online classified sites may be a great place to look for holiday gifts and part-time jobs, but beware of phony offers that ask for too much personal information or ask you to wire funds via Western Union, since these are most likely scams.

Using multiple devices provides the bad guys with more ways to access your valuable “Digital Assets,” such as personal information and files, especially if the devices are under-protected. One of the best ways for consumers to protect themselves is to learn about the criminals’ tricks, so they can avoid them.

Beyond that they should have the latest updates of the applications on their devices in order to enjoy a safe online buying or other experience. We don’t want consumers to be haunted by the scams of holidays past, present and future – they can’t afford to leave the door open to cyber-grinches during the busy holiday season.

Wednesday, November 7, 2012

Be Aware of Facebook Scams

Scammers are targeting Facebook users

There is a new phishing scheme targeting Facebook users. Falsely notifying the user of a blocked account via email, the scam attempts to get victims clicking - leading them straight to a malicious website that will steal their information. 

See below for an example of this current social engineering attempt.



If you get an email like this, simply delete it and never click anything! Optionally, before deleting you can forward the email to the Facebook security team so they can fight against such scams.

Thursday, August 2, 2012

How to Spot a Fake LinkedIn Profile

Scams on LinkedIn Exposed. How gullible job-seekers are beguiled!


LinkedIn is no stranger to fraud, having recently survived a heavily scrutinized password breach.


Unfortunately, it's largely up to you to protect yourself from falling into the snare of a scam artist posing as a legitimate professional connection. Understand that once you are linked with a fraudster there is no telling what type of scams they will try to pull on you.


They may also victimize your other connections if you allow your linked connections to see one another (you can change your settings to prevent this). Because some LinkedIn users are in the practice of accepting all invitations, it's incredibly important to look out for scammers.


John Thomas of Bloglerati has put together an excellent collection of fake profiles on his Facebook page, along with the following red flags for spotting fake LinkedIn profiles:

  • Lower case first and last name
  • Stock photo for profile picture
  • Minimal info in profile
  • Belongs to a large number of groups
  • Generic company name
  • Rhythmic names, like Sam Smith or Joe Johnson

Friday, June 29, 2012

Nigerian Scams Deliberately Designed To Target Stupid People


Why do email scammers say they're from Nigeria?

A recent study found that email scammers really aren't interested in appearing believable because it would just be too expensive if everyone fell for it.

The research conducted by Microsoft’s Machine Learning Department, titled Why do Nigerian scammers say they are from Nigeria?, found that the OTT scam email, complete with typos, is a simple, cost-effective way of weeding out intelligent people, leaving only the most gullible to hit.

"Far-fetched tales of West African riches strike as comical," wrote principal researcher, Cormac Herley in the study. "Our analysis suggests that is an advantage to the attacker, not a disadvantage.

“Since his attack has a low density of victims, the Nigerian scammer has an over-riding need to reduce the false positives. By sending an email that repels all but the most gullible, the scammer gets the most promising marks to self-select, and tilts the true to false positive ratio in his favour.”

It seems to work. Just last year a Nigerian man was jailed for 12 years after scamming US$1.3 million. In 2008 an Oregon woman lost $400k to a similar scam.

So next time you open a scam email and think to yourself: "Why bother?" live happy in the knowledge you're not the target market.



Saturday, February 4, 2012

Criminals hit the jackpot in Victoria with $55K lottery scam

CRIME syndicates are setting up fake lotteries to swindle Australians with promises of windfall jackpots.

A Victorian (Australia) man has become the latest victim, losing $55,000 in bogus administration fees when he tried to claim a supposed $4.5 million fortune. The theft is one of the biggest lottery fraud losses reported to Consumer Affairs Victoria.

The man told the watchdog and police that he transferred the cash after responding to an email sent to his wife advising of the massive win. Sources said there was little hope of retrieving the money because lottery fraudsters were normally based overseas and avoided detection through reinventing themselves.

The man, who declined to be named and has not told all of his family about the theft, was ordered to keep details of the lottery win secret. The scammers later claimed they had transferred the $4.5 million but the International Monetary Fund had stopped the payment and a 3 per cent fee was required to access it.

Con artists siphon at least $3 million a year from Australians through phony lotteries and sweepstake offers that steal cash or bank details, the Australian Competition and Consumer Commission says.

CAV director Dr Claire Noone said people should be suspicious of any texts, emails or mail claiming that they've won or could win a fortune.

"The scammer will inform consumers they've won a large amount of money or a holiday and they need to send money to claim it," Dr Noone said.

"Scammers often say this money is needed to cover the costs of taxes or administration fees. Once you send the payment overseas though, the scammer pockets the fee and the prize never arrives."

CAV received 6770 reports about various scams last financial year, up 44 per cent on the previous year.

TIPS TO AVOID GETTING RIPPED OFF

  • Never send money, credit card or bank details, or personal information to someone you don’t know.
  • Beware of claims to provide you with instant income or winnings.
  • Do not give out information over the phone unless you made the call or know the number.
  • If you fall victim to a scam email, change your email address as soon as possible to avoid further contact.
Source: Consumer Affairs Victoria

Saturday, December 10, 2011

Beware of SCAMMERS on dating websites!

Heartless SCAMMERS

Don't give your heart away online, at least not before you've met that special somebody in person. Some Aussies have been stung for more than $100,000 in online dating and romance scams by "lovers" claiming to be desperate for money because of an accident or robbery overseas.

A common scenario is to pretend to be a soldier or aid worker on an overseas mission in need of extra cash to pay costs and get a "leave pass" to visit.

The Australian Competition and Consumer Commission (ACCC) is working to create new guidelines to combat scams. They received more than 1600 complaints about online dating scams relating to more than $17 million in losses between January and October this year.

And of those, more than 200 people have lost $10,000 or more. ACCC deputy chairman Dr. Michael Schaper said more people lost money in dating scams than any other type of scheme.

If you have been talking or communicating with them (Scammers) for a period of time, it can be hard to say no. Please beware of such scams and never give money or share private information. Other red flags can include bad punctuation and spelling.

Dating website operators have until December 16, 2011 to comment on draft guidelines before they are launched next year.

Tuesday, November 29, 2011

BEWARE: Facebook Scam threatening to delete your account!

Sending a fraud request

A Facebook scam, dubbed the cleverest yet, gets users to provide their passwords and financial details by accusing them of violating the site's policy and threatens to delete their account.

Experts said the recent assault designed to steal users' Facebook details is among the most sophisticated yet because it mimics the security procedures that sites use to defend against internet trolls and other bad behaviour online.

The scam comes in an email accusing the user of insulting or annoying another Facebook user and saying their account will be deleted in 24 hours.

The email requires Facebook login details and, for "authentication" purposes, parts of a person's credit card details. The email links to a fake account disabled page that asks for personal details, including credit card information.

The access to login details helps the scam travel farther and faster by sending it to new users from trusted friends.

Expert Advice:

The emails are entirely bogus. They are not coming from Facebook. Social media venues would not request financial information, nor would they request login details. With the credit card information, fraudsters can conduct identity theft and other malicious financial activity.

Website Hoax-Slayer discovered the scam and warned against emails with the phrase: "Last warning: Your account is considered to violated the policies that are considered annoying or insulting to Facebook users."

Sunday, November 6, 2011

Facebook Rumours

New Life for Same Old Tune

A long-running rumor has resurfaced. For years, the social media scammers have been chattering about Facebook's plans to begin charging its users. They want to trick you into taking actions that will actually give them access to your personal Facebook data! Rest assured, this is one rumor that simply will not come true. Mr. Zuckerberg has said so himself many times.

Facebook has built its entire model on advertising revenue, and for that model to remain successful, it needs to maintain its enormous user base.

For more on Facebook scams and other flim-flams, read this CNN Tech article.

Sunday, August 28, 2011

Must-Read: A New Guide to Facebook Security

16 ways to Stay Safe on Facebook

A new, free guide on Facebook security, though geared toward users, details the practices that chief information security officers and other organizational security practitioners should share with their staffs, not only to ensure safe Internet hygiene when workers access Facebook from work but also for use with other social media sites.

A Guide to Facebook Security is, in the words of one of its authors, "fun to read and easy to understand."

In 20 pages, the guide explains how users can protect their accounts, avoid scammers and configure advanced security settings. It shows how to use one-time passwords, secure browsing and track account activity as well as explains why account thieves and malware pushers seek account access.

There's a whole section on avoiding: avoiding clickjacking, avoiding malicious script scams, avoiding account thieves and avoiding Facebook gaming scams.

Here are 16 tips the authors present to stay safe on Facebook:
  1. Only friend people you know.
  2. Create a good password and use it only for Facebook.
  3. Don't share your password.
  4. Change your password on a regular basis.
  5. Share your personal information only with people and companies that need it.
  6. Log into Facebook only once each session. If it looks like Facebook is asking you to log in a second time, skip the links and directly type www.facebook.com into your browser address bar.
  7. Use a one-time password when using someone else's computer.
  8. Log out of Facebook after using someone else's computer.
  9. Use secure browsing whenever possible.
  10. Only download apps from sites you trust.
  11. Keep your anti-virus software updated.
  12. Keep your browser and other applications up to date.
  13. Don't paste script (computer code) in your browser address bar.
  14. Use browser add-ons like Web of Trust and Firefox's NoScript to keep your account from being hijacked.
  15. Beware of "goofy" posts from anyone, even friends. If it looks like something your friend wouldn't post, don't click on it.
  16. Scammers might hack your friends' accounts and send links from their accounts. Beware of enticing links coming from your friend